package cn.edu.zjgsu.security;

import cn.edu.zjgsu.dao.PermissionDao;
import cn.edu.zjgsu.dao.RoleDao;
import cn.edu.zjgsu.dao.UserDao;
import cn.edu.zjgsu.model.Permission;
import cn.edu.zjgsu.model.Role;
import cn.edu.zjgsu.model.User;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.ArrayList;
import java.util.List;

/**
 * @author: mwq
 * DateTime: 2017/11/8 22:35
 * Description:
 */
@Component
public class Realm extends AuthorizingRealm
{
    @Autowired
    UserDao userDao;
    @Autowired
    RoleDao roleDao;
    @Autowired
    PermissionDao permissionDao;

    /**
     * 登录验证
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException
    {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        String password = new String(token.getPassword());
        List<User> userList = userDao.findByHQL("from User where username = ?",username);
        //账户不存在
        if (userList.size() == 0)
        {
            throw new UnknownAccountException();
        }
        String passwordInDataBase = userList.get(0).getPassword();
        SimpleAuthenticationInfo info= null;
        if(passwordInDataBase.equals(password))
        {
            info = new SimpleAuthenticationInfo(username, passwordInDataBase, getName());
        }
        //密码错误
        else
        {
            throw new IncorrectCredentialsException();
        }

        return info;
    }


    /**
     * 权限验证
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection)
    {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        String username = principalCollection.fromRealm(getName()).iterator().next().toString();
        if (StringUtils.isEmpty(username))
        {
            return info;
        }
        /**
         * 添加角色
         */
        List<Role> roles = roleDao.findByHQL(" from Role where username = ?",username);
        List<String> roleNameList = new ArrayList<String>();
        for (int i = 0,length=roles.size(); i <length ; i++)
        {
            roleNameList.add(roles.get(i).getRoleName());
        }
        info.addRoles(roleNameList);

        /**
         * 添加权限
         */
        List<Permission> permissionList = permissionDao.findByHQL
                ("select p from Role r,Permission p where r.username = ? and p.roleName=r.roleName", username);
        for (int i = 0,length=permissionList.size(); i <length ; i++)
        {
            info.addStringPermission(permissionList.get(i).getPermissionName());
        }
        return info;
    }

}
